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ABSTRACT 



A message receiving apparatus for receiving messages from 
a message transmitting apparatus generates first data for 
producing a display which urges a user of the message 
transmitting apparatus to input a message, and generates 
second data within the first data for specifying a conversion 
type for secret communication of the message. The message 
receiving apparatus sends the first data including the second 
data to the message transmitting apparatus and subsequently 
receives the message from the message transmitting appa- 
ratus. The message transmitting apparatus for transmitting 
messages to the message receiving apparatus receives the 
first data for producing the display and the accompanying 
second data for specifying the conversion type and produces 
the display according to the first data. On receiving the 
message inputted by the user in response to the display, the 
message transmitting apparatus converts the input message 
according to the second data and transmits the converted 
message to the message receiving apparatus. 

17 Claims, 15 Drawing Sheets 
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FIG. 1 1 

<HTML> 

<HEAD><T I TLE>MESSAGE INPUT FORM</T I TLEx/HEAD> 
<B0DY> 

<F0RM me thod=*post"act ion="cgi — bin/ui_input*> 
f <INPUT type='hidden' 

1 name='Proc-Type'value='ENCRYPTED"> 
j <INPUT type='hidden' 

1 name=="Key'value='cOQb28sgCW49TcbhA4BE'> 
Input your name : 

<INPUT type= ' text 'name= 'Name' value= ' '> 
Input your address : 

<INPUT type='text'name='Address'value = "> 
Input your util. date : 

<INPUT type='text' name='Date'value="> 
<INPUT type='submit'value='Send Your Data'> 

</F0RM> 

</B0DY> 

</HTML> 
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FIG. 12 



<HTML> 

<HEADxTITLE>MESSAGE INPUT F0RM</T I TLEx/HEAD> 
<B0DY> 

<F0RM me t hod = ' pos t ' ac t i on = " eg i — b i n/u i_ i npu t ' > 
Input your name : 

<INPUT type="text"name="Name'value = '"> 
Input your address : 

<INPUT type='text"name='Address'value="*> 
Input your util. date : 

<INPUT type='text' name='Date'value="> 

<INPUT type="submit"value='Send Your Data'> 
</FORM> 
</BODY> 
</HTML> 
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FIG. 14 
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FIG. 16 



<! -BEGIN Key -Info : alg="MyEUty-DES-CBC" -> 
sf + kagvlakk40OTRLGVA X 0/3iec9TK0ifd04V0IRV 1 g 1 
ROIEKielORDOK X KIjdaJEFJAJJKfjj4gdjgLKKD X 5 J 
<! -END Key-Info : -> 

<! -BEGIN MIC -Info : alg="MyEllty-SHA-l"-> 
smaoSDKcOasET+ JkPDX/sas3 lag X 37QaczsdFKPDS 1 652 
Lsdaros7sJAs== J 
<! -END MIC -Info : -> 

<! -Originator-ID : value-' 1234000000000001" -> 
<! - BEGIN ENCRYPTED - > 

SDKMjpoj9u91q39c07jak+OKOFELSB/aivi01EAIG \ 653 
9ILC86943ITIVCLfk3dhqps4 = = J 
< ! - END ENCRYPTED - > 
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MESSAGE RECEIVING APPARATUS AND 
MESSAGE TRANSMITTING APPARATUS 

This application is based on applications Nos. 9-348939 
and 10-193001 filed in Japan, the contents of which are 
hereby incorporated by reference. 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The present invention relates to a message receiving 
apparatus for receiving messages converted for secret 
communication, and a message transmitting apparatus for 
transmitting the converted messages. 

2, Description of the Prior Art 

In computer-to-computer communications, encryption 
techniques are widely used to protect privacy of information 
against third parties aside from the transmitter and the 
receiver of the information. Digital signature techniques 
which add signature information to transmission informa- 
tion are equally widely used to guarantee secure information 
transmission from the transmitter to the receiver. 

For example, in the WWW (World Wide Web) system on 
the Internet, encryption techniques can be used when a user 
of a client apparatus inputs a message of a predetermined 
format in response to information provided from a server 
apparatus and transmits the input message to the server 
apparatus. The SSL (Secure Socket Layer) protocol and the 
S-HTTP (Secure-HyperText Transfer Protocol) are repre- 
sentative of such encryption techniques used in the WWW 
system. 

To communicate a message which requires privacy using 
the SSL protocol, first a server (receiver of the message) 
sends a request to select whether to use the SSL protocol to 
a client (transmitter of the message), and the client accord- 
ingly selects to use the protocol (that is, to encrypt the 
message) and sends a list of available encryption methods to 
the server. After the server selects one of the available 
encryption methods, the message communication begins 
between the server and the client using the selected encryp- 
tion method. 

Thus, in message communication using the SSL protocol, 
to perform encrypted message communication depends on 
the client's decision to encrypt the message. Similarly, when 
using other conventional encryption techniques, encrypted 
communication is performed depending on whether the 
client chooses to perform encryption. This dependency on 
the client to decide whether to perform encryption often 
places a constraint on the performance of the server. 

SUMMARY OF THE INVENTION 

The present invention aims to provide a message receiv- 
ing apparatus that determines whether to perform 
encryption/digital signature on each input message in a 
message transmitting apparatus according to conditions 
under which the message is transmitted from the message 
transmitting apparatus, and the message transmitting appa- 
ratus that transmits messages to the message receiving 
apparatus. 

In order to fulfill the above object, the message receiving 
apparatus of the present invention is a message receiving 
apparatus for receiving messages from a message transmit- 
ting apparatus, the message receiving apparatus including: a 
first generating unit for generating first data for producing a 
display which urges a user of the message transmitting 
apparatus to input a message; a second generating unit for 
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generating second data within the first data for specifying a 
conversion type for secret communication of the message; a 
transmitting unit for transmitting the first data including the 
second data to the message transmitting apparatus; and a 
5 receiving unit for receiving the message from the message 
transmitting apparatus after the first data including the 
second data has been transmitted to the message transmitting 
apparatus. 

With this construction, the message receiving apparatus 
10 generates the first data for producing the display that urges 
the user of the message transmitting apparatus to input the 
message, generates the second data within the first data for 
specifying the conversion type for secret communication of 
the message, transmits the first data including the second 
15 data to the message transmitting apparatus, and subse- 
quently receives the message from the message transmitting 
apparatus. 

Thus, the message receiving apparatus can, according to 
its intentions such as improvement of the security in 

20 communication, freely specify the conversion type for secret 
communication of the message to be sent from the message 
transmitting apparatus. Also, the message receiving appara- 
tus can specify a conversion type for each of a plurality of 
messages to be sent from the message transmitting appara- 

25 tus. 

The above object can also be fulfilled by a message 
receiving apparatus for receiving messages from a message 
transmitting apparatus, the message receiving apparatus 

3Q including: a first receiving unit for receiving first data 
concerning a use condition of the message transmitting 
apparatus from the message transmitting apparatus; a first 
generating unit for generating second daia for producing a 
display which urges a user of the message transmitting 

35 apparatus to input a message; a second generating unit for 
generating third data for specifying a conversion type for 
secret communication of the message according to the 
received first data; a transmitting unit for transmitting the 
second data and the third data to the message transmitting 

40 apparatus; and a second receiving unit for receiving the 
message from the message transmitting apparatus after the 
second data and the third data have been transmitted to the 
message transmitting apparatus. 
With this construction, the message receiving apparatus 

45 receives the first data concerning the use of the message 
transmitting apparatus from the message transmitting 
apparatus, generates the second data for producing the 
display which urges the user of the message transmitting 
apparatus to input the message, generates the third data for 

50 specifying the conversion type for secret communication of 
the message according to the first data, and transmits the 
second data and the third data to the message transmitting 
apparatus. The message receiving apparatus subsequently 
receives the message from the message transmitting appa- 

5S ratus. 

Accordingly, the message receiving apparatus with inten- 
tions such as improvement of the security in communication 
can by itself specify the conversion type for secret commu- 
nication of the message according to the use condition of the 

60 message transmitting apparatus. 

Here, the message receiving apparatus may further 
include an associating unit for associating the first data with 
conversion type information that indicates whether to per- 
form encryption, which encryption method should be used if 

65 performing the encryption, whether to perform digital 
signature, and which digital signature method should be 
used if performing the digital signature, wherein the use 
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condition of the message transmitting apparatus shown by to perform digital signature, and which of digital signature 

the first data corresponds to an attribute of the user of the methods set in advance in the message transmitting appa- 

message transmitting apparatus, and wherein the second ratus should be used if performing the digital signature, 

generating unit generates the third data according to the With this construction, the message receiving apparatus 

conversion type information associated with the first data. 5 generates the third data according to the first data received 

With this construction, the message receiving apparatus, from the message transmitting apparatus, the third data 

on receiving the first data concerning the user attribute of the including an indication concerning whether to perform 

message transmitting apparatus, generates the third data encryption/digital signature and which of encryption/digital 

according to the conversion type information associated signature methods set in advance in the message transmit - 

with the first data, the conversion type information indicat- 10 ting apparatus should be used. 

ing whether to encrypt/digitally sign the message and which Accordingly, the message receiving apparatus can specify 

encryption/digital signature method should be used. The whether to encrypt/digitally sign the message and which of 

message receiving apparatus then sends the second data and encryption/digital signature methods set in the message 

the third data to the message transmitting apparatus and transmitting apparatus should be used, based on the use 

subsequently receives the message converted by the mes- 15 con dition of the message transmitting apparatus, 

sage transmitting apparatus according to the third data. A]s0) to fu lfill the above object, the message transmitting 

Accordingly, the message receiving apparatus can specify apparatus of the present invention is a message transmitting 

whether to encrypt/digitally sign the message and which apparatus for transmitting messages to a message receiving 

encryption/digital signature method should be used, based apparatus, the message transmitting apparatus including: a 

on the user attribute of the message transmitting apparatus. 20 receiving unit for receiving first data for producing a display 

Here, the second data may be written in an HTML format, which urges a user of the message transmitting apparatus to 

wherein the third data is written within the second data using input a message from the message receiving apparatus, the 

tags that extend the HTML format. first data including second data for specifying a conversion 

With this construction, the message receiving apparatus, 25 tv P e for communication of the message; a displaying 

on receiving the first data, generates the second data written UDlt for P™ d * c m ^ display according to the first data; an 

in the HTML format and further generates the third data inputting umt f or receiving the message inputted by the user 

within the second data using the tags according to the first m res P onse t0 the dis P la y; a converting unit for converting 

data the input message according to the second data; and a 

1 j . . i . . 4 .~ transmitting unit for transmitting the converted message to 

Accordingly, the message receiving apparatus can specify 30 ( , ° . . ° & 

... __c «• /j« • i • j i • l me message receiving apparatus, 

whether to perform encryption/digital signature and which 7 . 

encryption/digital signature method should be used for the Wlth thls construction, the message transmitting appara- 

message by adding the special tags to the document written tus receives, from the message receiving apparatus, the first 

in HTML, based on the user attribute of the message data for producing the display which urges the user to input 

transmitting apparatus. Thus, a conversion type can easily be 35 J e messa S e and the accompanying second data for speci- 

specified for each of a plurality of messages by adding such the ^D^ion type for secret communication of the 

special tags to an HTML document. message. The message transmitting apparatus then produces 

j — * . . A _ , the display according to the first data, receives the message 

Here, the message receiving apparatus may further k d b ^ ^ ffl r£ ^ ^ ^ ^ 

include a storing unit for storing fourth data showing key ^ m m ^sJLg to the second data. This con- 

information necessary for the message transmuting appara- « verted m ^ ^ transn]itted to ^ m Kceiyi 

tus to perform the encryption, wherein the transmitting unit atroaratus 

transmits the second data, the third data, and the fourth data A " , 

to the message transmitting apparatus. Accordingly, the message transmitting apparatus can con- 

,„.,,. . , . . vert the message according to the conversion type which has 

With this construction, the message receiving apparatus been ified b the m receiving apparatus with 

transmits the fourth data showing the key information nec- such as improvement in the security in commu- 

essary for the encryption to the message transmitting appa- nication 

ratus along with the second data and the third data. V < . , . - 1jC11 - , 

* j- i *i_ • *. -i The above obiect can also be nimlled bv a message 

Accordingly, the message receiving apparatus can easily , J , t t t c 4 , 4 f y l "™* a &* 

•e 4 u *• *u j u- u *u i • c transmitting apparatus that outputs first data for producing a 

specify the encryption method which uses the key mforma- . 4 i . . j . • . 

^ n 50 display to a displaying unit and transmits a message, input- 
ted by a user via an inputting unit in response to the display, 

Here, the message receiving apparatus may further to a message app aratus, the message transmitting 

include a reconverting unit for reconverting the message apparatus inc hiding: a receiving unit for receiving the first 

received by the second receiving unit. data for prodTlc ing the display which urges the user to input 

With this construction, the message receiving apparatus, S5 the message from the message receiving apparatus, the first 

after sending the second data and the third data to the data including second data for specifying a conversion type 

message transmitting apparatus, receives the message which for secret communication of the message; a converting unit 

has been converted by the message transmitting apparatus for converting the message inputted by the user according to 

according to the conversion type specified by the third data the second data; and a transmitting unit for transmitting the 

and reconverts the received message. Accordingly, the mes- 60 converted message to the message receiving apparatus, 

sage receiving apparatus can perform secret communication with this construction, the message transmitting appara- 

of the message with the message transmitting apparatus with tus receives, from the message receiving apparatus, the first 

greater convenience by reconverting the received message. data for producing the display which urges the user to input 

Here, the conversion type specified in the third data may the message and the accompanying second data for speci- 

indicate whether to perform encryption, which of encryption 65 fying the conversion type for secret communication of the 

methods set in advance in the message transmitting appa- message. The message transmitting apparatus then outputs 

ratus should be used if performing the encryption, whether the first data to the displaying unit, converts the message 
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inputted via the inputting unit in response to the display indication, made appropriately by the message receiving 

according to the second data, aod transmits the converted apparatus according to the use condition of the message 

message to the message receiving apparatus. transmitting apparatus, concerning whether to perform 

Accordingly, the message transmitting apparatus can con- encryption/digital signature and which encryption/digital 

vert the message according to the conversion type, that has 5 signature method should be used. 

been specified by the message receiving apparatus with Here, the second data may be written in an HTML format, 

intentions such as improvement of the security in wherein the third data is written within the second data using 

communication, through the use of the existing displaying tags that extend the HTML format. 

and inputting units. With this construction, the third data received together 

The above object can also be fulfilled by a message 10 with the second data is written within the second data of the 

transmitting apparatus for transmitting messages to a mes- HTML format using the tags that extend the HTML format, 

sage receiving apparatus, the message transmitting appara- Accordingly, the message transmitting apparatus can 

tus including: an acquiring unit for acquiring first data encrypt and/or digitally sign the message according to an 

concerning a use condition of the message transmitting indication which can be made easily by the message recciv- 

apparatus; a first transmitting unit for transmitting the first 15 ing apparatus by adding the special tags to the HTML 

data to the message receiving apparatus; a receiving unit for document and transmitting the document to the a message 

receiving, from the message receiving apparatus, second transmit ting apparatus. 

data for producing a display which urges a user to input a Here, the message transmitting apparatus may further 

message and third data, generated according to the first data, include a preventing unit for preventing the third data 

for specifying a conversion type for secret communication 20 written using the tags from being displayed, 

of the message; a displaying unit for producing the display with this construction, the third data written within the 

according to the second data; an inputting unit for receiving second data the tags is not displayed on lhe smcn of 

the message inputted by the user in response to the display; me message transmitting apparatus. Since the third data 

a converting unit for converting the input message according specifying the conversion type is not displayed on the 

to the third data; and a second transmitting unit for trans- 25 scr een, it is possible to prevent the specified conversion type 

mitting the converted message to the message receiving from being changed m me mes sage transmitting apparatus, 

apparatus. Here, the receiving unit may receive fourth data showing 

With this construction, the message transmitting appara- key information necessary for performing the encryption 

tus acquires the first data concerning the use of the message 3o from me meS sage receiving apparatus together with the 

transmitting apparatus and transmits the first data to the second data md the tnird data> wherein the converting unit 

message receiving apparatus. The message transmitting converts the input message according to the third data and 

apparatus then receives the second data for producing the me f ourln data 

display which urges the user to input the message and the ^ ^ constructi ^ e appara . 

fluid data, generated accordmg to tbe first data for speci- ms ^ m ^ * informatio B n £ own 

fying the conversion type for secret communication of the b ^ ^ ^ accordin tQ ^ co ' nversion , infor . 

message from the message receivmg apparatus, and pro- matioQ associated ^ the mW data Acco J^ me 

duces the display according to the second data. On receiving . . . Jr • 

4 , K ' . . v 5 . . j * * message transmitting apparatus can easily encrypt the input 

the message inputted by the user in response to the display, „ • *u • j i • * «• c 

^ . . ^ .i ■ . message using the received key information necessary for 

the message transmitting apparatus converts the input mes- .« A ° \ ' 

a- . .u *u- a a i , a. <u *a w the specified encryption method, 

sage according to the third data and transmits the converted r Jr 

message to the message receiving apparatus. BRIEF DESCRIPTION OF THE DRAWINGS 

Accordingly, the message transmitting apparatus can con- ^ and ^ advantages and features of the 

vert the message according to the conversion type specified .« , J . c - „ , 

, A , & . . & ^ *. L • . . invention will become apparent from the following descnp- 

by the message receiving apparatus with intentions such as AC .. f4l rr . ..... • 

. J . r t . ■ *i 45 tion thereof taken in conjunction with the accompanying 

improvement of the security in communication. Also, since , tU . . . J ... * <t*l - 

. 1 . , , J , A - . . drawmgs that illustrate a specific embodiment of the lnven- 

the conversion type has been determined by the message tioQ drawiags; 

receiving apparatus based on the use condition of the ' * 

message transmitting apparatus, the message can be con- . FIG ; 1 * a block dia S ram showui S ^e general construc- 

verted in accordance with the conversion type appropriately Kn U ° n L of a data communication system 1 of the embodiment 

specified by the message receiving apparatus. of the P rescnt mventl0n ; 

Here, the message transmitting apparatus may further . 2 is a block diagram showing the construction of an 

include an associating unit for associating the third data with mputAmlput controlling unit 22 in a client apparatus 2; 

conversion type information that indicates whether to per- FIG * 3 K a block diagram showing the construction of an 

form encryption, which encryption method should be used if 55 encryption/commumcation controlling unit 21 in the client 

performing the encryption, whether to perform digital apparatus 2 (and an encryption/communication controlling 

signature, and which digital signature method should be unit 41 in a scrver apparatus 4); 

used if performing the digital signature, wherein the con- FIG. 4 is a block diagram showing the construction of an 

verting unit converts the input message according to the information managing unit 42 in the server apparatus 4; 

conversion type information associated with the third data. 60 FIG. 5 is a sequence diagram showing a flow of data 

With this construction, the message transmitting appara- between the client apparatus 2 and the server apparatus 4 in 

tus converts the input message according to the conversion the data communication system 1; 

type information indicating whether to perform encryption/ FIG. 6 shows an example of the correspondence between 

digital signature and which encryption/digital signature encryption variables and encryption/digital signature meth- 

method should be used. 65 ods; 

Accordingly, the message transmitting apparatus can FIG. 7 is a flowchart showing the control procedure of the 

encrypt and/or digitally sign the message according to an client apparatus 2; 
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FIG. 8 is a flowchart showing the control procedure of the ratus 4 as well as message encryption and other processes, 

server apparatus 4; and an input/output controlling unit 22 equipped with an I/F 

FIG. 9 shows a facility reservation system menu display unit 221 as a user interface. 

401 that is displayed on a screen of an I/F unit 221 in the The inner constructions of the client apparatus 2 and 
client apparatus 2 based on a predetermined HTML docu- 5 server apparatus 4 are explained in greater detail below with 
ment retrieved from provided information data 43 in the reference to FIGS. 2-4. In these figures, "plaintext" is a 
server apparatus 4; generic term for data (including messages), held in the client 

FIG. 10 shows a correspondence table, held in the server apparatus 2 or the server apparatus 4, which is neither 

apparatus 4, between user attribute information sent from encrypted nor digitally signed, while "communication text" 

the client apparatus 2 and documents to be sent to the client 10 * a generic term for data, whether or not encrypted/digitally 

apparatus 2; signed, which is being transmitted or received between the 

FIG. 11 shows a message input form creation document encryption/communication controlling unit 21 of the client 

included in document 0001 corresponding to attribute infer- apparatus 2 and the encryption/communication controlling 

mation 1 (members); „ uml 41 of the 8mec Meatus 4. 

FIG. 12 shows a message input form creation document . FI< ?' 2 15 a block diagram showing the construction of the 

included in document 0002 corresponding to attribute infer- ^put/output controlling unit 22 in the client apparatus 2. 

mation 2 (visitors); Tim input/output controlling unit 22 includes the I/F unit 

FIG. 13 shows an example of a reservation setting display 221 c 1 ui PP ed w j th a ^yb° a rd, a screen and the like, a 

402 which includes a message input form for members; 20 P£ ntexl generating unit 222, a plaintext transmitting unit 
„ rt „ , , , „ . . , 223, a plamtext receiving unit 224, and a display data 
FIG. 14 shows an example of a reservation setting display generating unit 225 

403 which includes a message input form for visitors; „„ ^ . . ' ^ A At . , 

mrt ^ , .„ , . When transmittmg data to the server apparatus 4, the 1/F 

HQ. 15 shows a specific example of internal data gener- uni , 2n receives 6m . tted b the iDformadon , he 

402 T 3 mPU " 0n reSerVatl ° n 86111118 dlSplay 25 Plaintext generating unit 222 processes the input data to 

4UZ, and generate a plaintext 301, and the plaintext transmitting unit 

FIG. 16 shows a specific example of data generated by 223 transmits the generated plaintext 301 to the encryption/ 

performing encryption and digital signature on the internal communication controlling unit 21. > 

data in FIG. 15. When receiving data from the server apparatus 4, the 

DESCRIPTION OF THE PREFERRED 30 V^**™f™Z «J* 224 receives a plaintext 302 from the 

EMBODIMENTS encryption/communication controlling unit 21, the display 

data generating unit 225 generates display data from the 

The following is a description of a data communication received plaintext 302, and the I/F unit 221 displays infor- 

system of the embodiment of the present invention with mation on the screen for the user based on the generated 

reference to the figures. 35 display data. 

FIG. 1 is a block diagram showing the general construe- FIG. 3 is a block diagram showing the construction of the 

tion of a data communication system 1 of the embodiment encryption/communication controlling unit 21 of the client 

of the present invention. apparatus 2 (the construction shown in the figure is also 

The data communication system 1 mainly includes a applicable to the encryption/communication controlling unit 

client apparatus 2 whose user utilizes information provided ^ °? tne server apparatus 4). 

by a server apparatus 4, the server apparatus 4 which This encryption/communication controlling unit 21 

provides information for the user of the client apparatus 2, includes a transmission controlling unit 211 for transmitting 

and a radio or cable channel 3, and can be used as a WWW a communication text 303 generated from the plaintext 301 

system linked to the Internet. to the server apparatus 4 and a reception controlling unit 216 

This specification describes the data communication sys- 45 for generating the plaintext 302 from a communication text 

tern 1 based on the following assumption. That is, the user 304 received from the server apparatus 4. In this 

of the client apparatus 2 first sends an information request to construction, a public key 351 and a secret key 352 are 

the server apparatus 4, the server apparatus 4 accordingly shared b y the transmission controlling unit 211 and the 

provides the requested information to the client apparatus 2, 50 reception controlling unit 216 for performing processing for 

and the user of the client apparatus 2 inputs a message which encryption/digital signature. 

requires privacy in response to the received information and More specifically, the transmission controlling unit 211 
transmits the message to the server apparatus 4. includes a plaintext receiving unit 212, a plaintext analyzing 
The server apparatus 4 is primarily used for providing unil 213 > an encrypting/signature creating unit 214 and a 
information on the Internet and, as shown in FIG. 1, includes 55 communication text transmitting unit 215, while the recep- 
provided information data 43 to be provided for the user of tlon controlling unit 216 includes a communication text 
the client apparatus 2 (information user), registered infer- receiving unit 217, a decrypting/signature verifying unit 
mation data 44 obtained from the information user, an 218 > a plaintext a restoring unit 219 and a plaintext trans- 
information managing unit 42 for managing retrieval and milling unit 220. 

registration of information, and an encryption/ 60 When transmitting data to the server apparatus 4, the 

communication controlling unit 41 for controlling plaintext receiving unit 212 sends the plaintext 301 received 

transmission/reception of data with the client apparatus 2, from the input/output controlling unit 22 to the plaintext 

message encryption and other processes. analyzing unit 213 which judges whether to encrypt/digitally 

The client apparatus 2 is primarily used for utilizing & *& n tne plaintext 301. 

information on the Internet and, as shown in FIG. 1, includes 65 On judging that encryption or digital signature needs to be 

an encryption/communication controlling unit 21 for con- performed on the plaintext 301, the plaintext analyzing unit 

trolling transmission/reception of data with the server appa- 213 sends the plaintext 301 to the encrypting/signature 
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creating unit 214. The encrypting/signature creating unit 214 
accordingly encrypts or digitally signs the received plaintext 
301 using the public key 351 or the secret key 352 and sends 
the result to the communication text transmitting unit 215. 
When, on the other hand, it is judged that neither encryption 
nor digital signature is necessary, the plaintext analyzing 
unit 213 sends the plaintext 301 directly to the communi- 
cation text transmitting unit 215. 

The communication text transmitting unit 215 generates 
the communication text 303 from the data received from the 
plaintext analyzing unit 213 or the encrypting/signature 
creating unit 214 and transmits the communication text 303 
to the server apparatus 4 via the channel 3. 

When receiving data from the server apparatus 4, the 
communication text receiving unit 217 receives the com- 
munication text 304 from the server apparatus 4 via the 
channel 3 and judges whether to perform decryption/digital 
signature verification. 

When judging that decryption or digital signature verifi- 
cation needs to be performed, the communication text 
receiving unit 217 sends the communication text 304 to the 
decrypting/signature verifying unit 218. The decrypting/ 
signature verifying unit 218 accordingly decrypts the com- 
munication text 304 or verifies a digital signature of the 
communication text 304 using the public key 351 or the 
secret key 352, and sends the result to the plaintext restoring 
unit 219. When, on the other hand, judging that neither 
decryption nor digital signature verification is necessary, the 
communication text receiving unit 217 sends the commu- 
nication text 304 directly to the plaintext restoring unit 219. 

The plaintext restoring unit 219 restores the plaintext 302 
from the data received from the communication text receiv- 
ing unit 217 or the decrypting/signature verifying unit 218, 
and the plaintext transmitting unit 220 sends the restored 
plaintext 302 to the input/output controlling unit 22. 

The construction and operation of each component in the 
encryption/communication controlling unit 41 of the server 
apparatus 4 are the same as the encryption/communication 
controlling unit 21 shown in FIG. 3. However, note that the 
encryption/communication controlling unit 41 of the server 
apparatus 4 sends/receives plaintexts to/from the informa- 
tion managing unit 42, and sends/receives communication 
texts to/from the client apparatus 2 via the channel 3. In this 
encryption/communication controlling unit 41 of the server 
apparatus 4, a plaintext sent from the information managing 
unit 42 is encrypted or digitally signed as necessary, and 
then a communication text is generated and sent to the client 
apparatus 2. A communication text sent from the client 
apparatus 2 is decrypted or its digital signature is verified as 
necessary, and then a plaintext is generated and sent to the 
information managing unit 42. 

FIG. 4 is a block diagram showing the construction of the 
information managing unit 42 of the server apparatus 4. 

As shown in the figure, the information managing unit 42 
includes a plaintext receiving unit 421, a plaintext analyzing 
unit 422, an information retrieving unit 423, an information 
registering unit 424, a plaintext generating unit 425 and a 
plaintext transmitting unit 426. 

The plaintext receiving unit 421 receives a plaintext 305 
from the encryption/communication controlling unit 41 and 
sends the plaintext 305 to the plaintext analyzing unit 422. 
The plaintext analyzing unit 422 analyzes the received 
plaintext 305 and sends it either to the information retrieving 
unit 423 or to the information registering unit 424, depend- 
ing on the process required in the plaintext 305. 

When the plaintext 305 analyzed by the plaintext analyz- 
ing unit 422 shows a request to provide information, the 
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information retrieving unit 423 retrieves the information 
requested by the plaintext 305 from the provided informa- 
tion data 43. When the plaintext 305 analyzed by the 
plaintext analyzing unit 422 shows a request to register 

5 information, the informauon registering unit 424 registers 
the information in the registered information data 44. 

The plaintext generating unit 425 generates a plaintext 
306 which is either the retrieved information to be provided 
for the information user (user of the client apparatus 2) or a 

10 communication completion notification showing the regis- 
tration completion, and the plaintext transmitting unit 426 
sends the generated plaintext 306 to the encryption/ 
communication controlling unit 41. 

FIG. 5 is a sequence diagram showing a flow of data 

15 between the client apparatus 2 and the server apparatus 4 in 
the data communication system 1. 

In the figure, processing in the input/output controlling 
unit 22 and encryption/communication controlling unit 21 of 

2Q the client apparatus 2 and the encryption/communication 
controlling unit 41 and information managing unit 42 of the 
server apparatus 4 is shown on the four vertical lines, while 
data in communication is shown between the lines with a 
horizontal arrow below indicating the origin and end points 

25 of the data. In the figure, the direction from top to bottom 
corresponds to the flow of time. 

In the figure, "message input form" is data displayed on 
the screen of the I/F unit 221 for the information user (user 
of the client apparatus 2) to input a message as a reply to the 

30 information provider (user of the server apparatus 4), while 
"message input form creation document" is a document, 
such as an HTML (HyperText Markup Language) 
document, used for displaying the message input form on the 
screen of the I/F unit 221. (Specific examples of message 

35 input forms and message input form creation documents will 
be explained later with reference to FIGS. 11-14. For details 
on HTML, see Laura Lemay (1995) Teach Yourself Web 
Publishing with HTML in a Week, Sams Publishing.) 
In the data communication system 1 of the present 

40 embodiment, data (message) requested by the server appa- 
ratus 4 is transmitted from the client apparatus 2 to the server 
apparatus 4 in four main steps given below. 

First Step 

45 

The input/output controlling unit 22 in the client appara- 
tus 2 receives information request data 311 from the infor- 
mation user for requesting the information provider to 
provide information (S101), this information request data 
5Q 311 being transmitted to the server apparatus 4 via the 
encryption/communication controlling unit 21. Here, the 
information request data 311 includes attribute information 
on the use of the client apparatus 2, such as user attribute 
information and apparatus attribute information. 

55 Second Step 

In the server apparatus 4, the encryption/communication 
controlling unit 41 receives the information request data 311 
from the client apparatus 2, and the information managing 

60 unit 42 retrieves a message input form creation document 
312 corresponding to the information request data 311 and 
the attached attribute information and transmits the message 
input form creation document 312 through the encryption/ 
communication controlling unit 41 to the client apparatus 2. 

65 When the message input form creation document 312 cor- 
responding to the information request data 311 is not 
included in the provided information data 43 in the server 
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apparatus 4, a message input form creation document 312 is MyEllty-DES-CBC (MyEllty-Data Encryption Standard- 

newly generated in the server apparatus 4 using the attribute Cipher Block Chaining) mode for encryption and the 

information and an encryption variable (described later) MyEllty-SHA-1 (MyEllty-Secure Hash Algorithm- 1) mode 

(S102). for digital signature creation. (Encryption methods, such as 

5 the RSA and public key cryptosystems, are explained in 

^ Ste P detail in Nobuichi Ikeno and Kenji Koyama (1986) Modem 

In the client apparatus 2, the input/output controlling unit Encryption Theory, Institute of Electronic Information and 

22 receives a message inputted by the information user on a Communication.) Note that one or more keys necessary for 

message input form displayed according to the message performing encryption using the encryption method speci- 

input form creation document 312 sent from the server ]0 ficd b y thc encryption variable are sent from the server 

apparatus 2 via the encryption/communication controlling apparatus 4 to the client apparatus 2 together with the 

unit 21 (S1Q3), and this input message is sent to the encryption variable. 

encryption/communication controlling unit 21 as a plaintext The control procedures of the client apparatus 2 and 

313. The encryption/communication controlling unit 21 pro- server apparatus 4 when performing the data communication 

cesses the plaintext 313 according to an indication in the 15 shown in FIG. 5 using the correspondence table in FIG. 6 are 

message input form creation document 312 concerning explained below with reference to FIGS. 7 and 8. 

whether to encrypt/digitally sign the plaintext 313 and which FIG. 7 is a flowchart showing the control procedure of the 

encryption/digital signature method should be used (S104). client apparatus 2 in the data communication system 1. 

Then a communication text 314 generated from the process- xh c c ii ent apparatus 2 first transmits the information 

ing result is transmitted to the server apparatus 4 by the 20 request data 311 in FIG. 5 including the user attribute 

encryption/communication controlling unit 21. information to the server 4 (S201) and waits for a response 

Fourth Step horn the server apparatus 4 (S202). 

On receiving the message input form creation document 

In the server apparatus 4, the encryption/communication 312 as the response from the server apparatus 4, the client 

controlling unit 41 analyzes the received communication 2 apparatus 2 displays the message input form (S203) and 

text 314. If the communication text 314 has been encrypted waits for a user input (S204). 

or digitally signed, the encryption/communication control- When the user inputs a message (plaintext 313 in FIG. 5) 

ling unit 41 accordingly decrypts the communication text on the message inpu t form, the encryption variable in the 

314 or verifies a digital signature of the communication text message input form creation document 312 is analyzed 

314 (S105). The information managing unit 42 registers a (S205) t0 specif y a ^y^^ type ( S2 06). When the 

plaintext 315 which has been restored by the encryption/ encryption variable is "ONLY", the input message is 

communication controlling unit 41 in the registered infor- encrypted using the specified encryption method (RSA in 

mation data 44 as needed (S106), and transmits a commu- Fia g) ( S20 7). When the encryption variable is "M1C- 

nication completion notification 316 for notifying the CLEAR", the input message is digitally signed using the 

information user of the procedure completion to the client specified digital signature method (public key cryptosystem) 

apparatus 2 via the encryption/communication controlling (S208). When the encryption variable is "ENCRYPTED", 

unit ^* the input message is encrypted and digitally signed using the 

In the above data communication, the server apparatus 4 specified encryption method (MyEllty-DES-CBC) and digi- 

can determine whether to perform encryption, which 4Q t a l signature method (MyEllty-SHA-1) (S209). 

encryption method is to be used, whether to perform digital ^fter encrypting and/or digitally signing the input mes- 

signature, and which digital signature method is to be used, sage according to the conversion type specified by the 

according to the attribute information of the client apparatus encryption variable, the client apparatus 2 transmits the 

2- converted message to the server apparatus 4 as the commu- 

In actual data communication between the client appara- 45 nication text 314 (S210) and waits for the communication 

tus 2 and the server apparatus 4, extension tags which can be completion notification 316 as the reply to the communica- 

defined in advance for specifying an encryption variable are tion text 314 (S211). If, on the other hand, the message input 

included in the message input form creation document 312 form creation document 312 does not include an encryption 

that is presented, for instance, in HTML. This encryption variable in step S205, the client apparatus 2 judges that 

variable is used to specify a conversion type, that is, one of 50 neither encryption nor digital signature is necessary and 

a plurality of encryption methods and/or one of a plurality of transmits the input message directly to the server apparatus 

digital signature methods to be used by the client apparatus 4 as the communication text 314 in step S210. On receiving 

2 for converting a message inputted in response to the the communication completion notification 316 from the 

displayed message input form. server apparatus 4, the client apparatus 2 completes the 

FIG. 6 shows an example of the correspondence between 55 procedure, 

values of the encryption variable and encryption/digital FIG. 8 is a flowchart showing the control procedure of the 

signature methods, server apparatus 4 in the data communication system 1. 

The encryption variable specifies one of various encryp- The server apparatus 4 waits for a communication text 

tion methods and/or one of various digital signature methods (information request data 311 or communication text 314 in 

for a message inputted by the information user. The corre- 60 FIG. 5) from the client apparatus 2 (S251). On receiving a 

spondence such as shown in FIG. 6 has been set in the client communication text, the server apparatus 4 analyzes the 

apparatus 2 in advance, wherein the encryption variable communication text (S252) to judge whether the text is a 

"ONLY" specifies only the use of the RSA (Rivest-Shamir- ciphertext (S253). If the communication text is a ciphertext 

Adleman) cryptosystem for encryption, the encryption vari- (in the present example, if the communication text is the 

able "MIC-CLEAR" specifies only the use of the public key 65 communication text 314 generated from the encrypted and/ 

cryptosystem for digital signature creation, and the encryp- or digitally signed plaintext 313), the server apparatus 4 

tion variable "ENCRYPTED" specifies both the use of the detects the conversion type from the encryption variable 
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(S254). When the encryption variable is "ONLY" showing 
that the encryption method (RSA) specified by the encryp- 
tion variable has been used for the communication text, the 
server apparatus 4 decrypts the communication text using 
the same encryption method (S255). When the encryption 5 
variable is "MIC-CLEAR" showing that the digital signature 
method (public key cryptosystem) specified by the encryp- 
tion variable has been used for the communication text, the 
server apparatus 4 verifies a digital signature of the com- 
munication text using the same digital signature method 3Q 
(S256). When, on the other hand, the encryption variable is 
"ENCRYPTED" showing that the encryption and digital 
signature methods (MyEUty-DES-CBC and MyEllty-SHA- 
1) specified by the encryption variable have been used for 
the communication text, the server apparatus 4 verifies a 
digital signature of the communication text and decrypts the 15 
communication text using the same digital signature and 
encryption methods (S2S7). If the communication text is not 
a ciphertext (in the present example, if the communication 
text is the information request data 311) in step S253, the 
procedure proceeds to step S258. 20 

The server apparatus 4 analyzes the restored plaintext 
(S258) to find out the process required by the client appa- 
ratus 2 for the communication text (S259) If the client 
apparatus 2 requests information retrieval (that is, if the ^ 
communication text is the information request data 311), the 
server apparatus 4 retrieves information requested by the 
client apparatus 2 from the provided information data 43 
(S260). If the client apparatus 2 requests information reg- 
istration (that is, if the communication text is the commu- 3Q 
nication text 314), the server apparatus 4 registers informa- 
tion included in the communication text into the registered 
information data 44 (S261). 

If the communication text is the information request data 
311, after step S260 the server apparatus 4 transmits the 3S 
message to input form creation document 312 (e.g. facility 
reservation system) to the client apparatus 2 (S262) and 
waits for the next communication text (S263). If, on the 
other hand, the communication text is the communication 
text 314 (e.g. reservation apply form), after step S261 the 4Q 
server apparatus 4 transmits the communication completion 
notification 316 (e.g. reservation result) to the client appa- 
ratus 2 (S262) and waits for the next communication text 
(S263). When do more communication texts are sent from 
the client apparatus 2, the server apparatus 4 completes the 45 
procedure. 

The following is a specific explanation of displays on the 
screen of the client apparatus 2 and related display data with 
reference to FIGS. 9-16. 

In an example given below, the data communication 50 
system 1 is used as a facility (such as a golf course) 
reservation management system, wherein the server appa- 
ratus 4 manages facility reservations and the user of the 
client apparatus 2 makes a reservation for the use of the 
facility online on the Internet. Here, users of the facility 55 
include members of a particular club for utilizing the facility 
and visitors who are not the club members. 

FIG. 9 shows a facility reservation system menu display 
401 displayed on the screen of the I/F unit 221 in the client 
apparatus 2 based on a predetermined HTML document 60 
retrieved from the provided information data 43 in the server 
apparatus 4. While displays and encryption/digital signature 
processes in the client apparatus 2 are indicated by HTML 
documents in the present example, other types of documents 
may instead be used. 65 

The user of the client apparatus 2 inputs "1" or "2" on a 
display item 402 in the menu display 401 in FIG. 9 depend- 
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ing on his/her status as a member or a visitor, and has the 
client apparatus 2 transmit the input data "1" or "2" which 
is user attribute information to the server apparatus 4 by 
selecting a display item 403. 

In the server apparatus 4, HTML documents correspond- 
ing to user attribute information 1 and 2 have been set in 
advance. FIG. 10 shows the correspondence table, held in 
the server apparatus 4, between user attribute information 
received from the client apparatus 2 and documents to be 
sent to the client apparatus 2. FIG. 11 shows a message input 
form creation document included in document 0001 corre- 
sponding to user attribute information 1 (members). FIG. 12 
shows a message input form creation document included in 
document 0002 corresponding to user attribute information 
2 (visitors). 

When receiving user attribute information 1 from the 
client apparatus 2, the server apparatus 4 retrieves document 
0001 including the message input form creation document 
shown in FIG. 11 from the provided information data 43 and 
sends it to the client apparatus 2. This message input form 
creation document includes extension INPUT tags 501 and 
502. In extension INPUT tag 501, "Proc-Type" and 
"ENCRYPTED" (encryption variable) are specified respec- 
tively as a name attribute and a value attribute corresponding 
to the name attribute "Proc-Type", while in extension 
INPUT tag 502, "Key" and "C0Qb28sgCW49TcbhA4BE" 
(key data used for encryption/digital signature) are specified 
respectively as a name attribute and a value attribute corre- 
sponding to the name attribute "Key". 

The client apparatus 2 processes extension INPUT tags 

501 and 502 and performs the specified encryption/digital 
signature on a message inputted by the user. Here, according 
to the encryption variable "ENCRYPTED", the input mes- 
sage is encrypted by the MyEllty-DES-CBC mode and 
digitally signed by the MyEllty-SHA-1 mode using the key 
data. The resulting message is then transmitted to the server 
apparatus 4. (Note that "hidden" in FIG. 11 is set as a type 
attribute for preventing the contents of INPUT tags 501 and 

502 from being displayed in the client apparatus 2.) 
When, on the other hand, receiving user attribute infor- 
mation 2 from the client apparatus 2, the server apparatus 4 
retrieves document 0002 including the message input form 
creation document in FIG. 12 from the provided information 
data 43 and sends it to the client apparatus 2. Since a 
message ioputted by a visitor will not be treated as data 
which requires privacy against third parties on the Internet 
in the present example, extension INPUT tags described 
above are not included in this message input form creation 
document. Accordingly, the client apparatus 2 transmits an 
input message to the server apparatus 4 without performing 
encryption/digital signature on the message. 

The message input form creation document (for members) 
in FIG. 11 is accompanied with data showing reservation 
conditions, and as a result a reservation setting display 402 
which includes a message input form for members is dis- 
played on the screen of the I/F unit 211 in the client 
apparatus 2 as shown in FIG. 13. Similarly, the message 
input form creation document (for visitors) in FIG. 12 is 
accompanied with the data showing the reservation 
conditions, and as a result a reservation setting display 403 
which includes a message input form for visitors is dis- 
played on the screen of the I/F unit 211 in the client 
apparatus 2 as shown in FIG. 14. 

The reservation setting display (for members) 402 in FIG. 
13 and the reservation setting display (for visitors) 403 in 
FIG. 14 respectively include reservation condition display 
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items 4021 and 4031 showing dates which have already 
been reserved, message input forms 4022 and 4032, and 
transmission indication display items 4023 and 4033, and 
differ only in their headings. However, messages inputted on 
the message input forms 4022 and 4032 will be processed 
differently. 

The following is an explanation of specific examples of 
internal data, generated from a message inputted on the 
message input form 4022 in the reservation setting display 
(for members) 402 in FIG. 13 which is displayed according 
to the message input form creation document in FIG. 11, and 
data obtained by encrypting and digitally signing the internal 
data. 

FIG. 15 shows a specific example of internal data gener- 
ated from a message inputted on the reservation setting 
display 402, while FIG. 16 shows a specific example of data 
generated by encrypting and digitally signing the internal 
data shown in FIG. 15. 

The internal data in FIG. 15 corresponds to the plaintext 
313 in FIG. 5 and includes data 601 showing the encryption 
variable "ENCRYPTED" specified by the server apparatus 
4, data 602 showing an input name "MATSUSHITA 
TARO", data 603 showing an input address "NAGOYA", 
data 604 showing an input date "1998. 7. 10" and data 605 
showing the specified key "C0Qb28sgCW49TcbhA4BE". 

By performing encryption and digital signature, the data 
in FIG. 16 is generated and transmitted to the server appa- 
ratus 4. The data in FIG. 16 includes data 651 showing key 
information (obtained by encrypting a common key used in 
the MyEllty-DES-CBC mode using a public key) to be used 
by the server apparatus 4 to perform decryption correspond- 
ing to the encryption by the MyEllty-DES-CBC mode, data 
652 showing signature data generated as a result of digitally 
signing the encrypted internal data by the MyEllty-SHA-1 
mode, and data 653 showing ciphertext data generated as a 
result of encrypting data "Name . . . 1998. 7. 10" in the 
internal data in FIG. 15 by the MyEllty-DES-CBC mode. 

As described above, in the data communication system 1 
of the present invention, a document, sent from the server 
apparatus 4 to the client apparatus 2 for producing a display 
which urges the user of the client apparatus 2 to input a 
message, includes an indication for a conversion type 
(whether to perform encryption/digital signature and which 
encryption/digital signature method should be used) for 
secret communication of an input message in the client 
apparatus 2. With this construction, the client apparatus 2 
converts (encrypts and/or digitally signs) the input message 
according to the conversion type indicated by the server 
apparatus 4 and sends the converted message to the server 
apparatus 4. The server apparatus 4 decrypts the received 
message and/or verifies a digital signature of the received 
message as inverse conversion to obtain the original mes- 
sage. 

Thus, in the data communication system 1 of the present 
invention the server apparatus 4 can determine the conver- 
sion type for secret communication based on information on 
the use of the client apparatus 2, such as user attribute 
information. This can be achieved by the server apparatus 4, 
after receiving the information on the use of the client 
apparatus 2, sending a message input form creation docu- 
ment which includes an indication for a conversion type 
associated with the received information to the client appa- 
ratus 2. 

While the plurality of elements (name, address, date) in 
the internal data are converted based on the same conversion 
type in the above embodiment, a conversion type may 
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instead be specified for each of the plurality of elements 
using more extension tags, so that each element will be 
processed differently. 

Also, while an encryption variable is used to specify 

5 whether to perform encryption/digital signature and which 
encryption/digital signature method should be used in the 
above embodiment, the encryption variable may also be 
used to specify a type of a key or a combination of keys to 
be used and encryption/digital signature methods other than 

10 those used in the above embodiment. 

Also, the server apparatus 4 in the above embodiment 
selects either a document that specifies an encryption vari- 
able indicating an encryption/digital signature method or a 
document that does not specify an encryption variable, 

15 depending on received user attribute information of the 
client apparatus 2. Alternatively, the server apparatus 4 may 
independently select a document to be sent to the client 
apparatus 2 based on a factor, such as a date, a day of a week, 
and a random number, without depending on data sent from 

20 the client apparatus 2. 

While an encryption variable takes one of three values 
("ONLY", "MIC-CLEAR", and "ENCRYPTED") in the 
above embodiment, the encryption variable can take more 
than three values in a case where the number of available 

25 encryption/digital signature methods is increased. 

Although the present invention has been fully described 
by way of examples with reference to the accompanying 
drawings, it is to be noted that various changes and modi- 
fications will be apparent to those skilled in the art. 

30 Therefore, unless such changes and modifications depart 
from the scope of the present invention, they should be 
construed as being included therein. 
What is claimed is: 

1. A message receiving apparatus for receiving messages 
35 from a message transmitting apparatus, comprising: 

first receiving means for receiving first data concerning a 
use condition of the message transmitting apparatus 
from the message transmitting apparatus; 

first generating means for generating second data for 
40 producing a display which urges a user of the message 
transmitting apparatus to input a message; 

second generating means for generating third data for 
specifying a conversion type for secret communication 
45 of the message according to the received first data; 

transmitting means for transmitting the second data and 
the third data to the message transmitting apparatus; 
and 

second receiving means for receiving the message from 
50 the message transmitting apparatus after the second 
data and the third data have been transmitted to the 
message transmitting apparatus, 
wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
55 within the second data using tags that extend the 
document description language format. 

2. The message receiving apparatus of claim 1, further 
comprising 

associating means for associating the first data with 
60 conversion type information that indicates whether to 
perform encryption, which encryption method should 
be used if performing the encryption, whether to per- 
form digital signature, and which digital signature 
method should be used if performing the digital 
65 signature, 

wherein the use condition of the message transmitting 
apparatus shown by the first data corresponds to an 
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attribute of the user of the message transmitting 
apparatus, and 
wherein the second generating means generates the third 
data according to the conversion type information 
associated with the first data. 

3. The message receiving apparatus of claim 2, further 
comprising 

storing means for storing fourth data showing key infor- 
mation necessary for the message transmitting appara- 
tus to perform the encryption, 

wherein the transmitting means transmits the second data, 
the third data, and the fourth data to the message 
transmitting apparatus. 

4. The message receiving apparatus of claim 1, further 
comprising 

reconverting means for reconverting the message 
received by the second receiving means. 

5. The message receiving apparatus of claim 1, wherein 
the conversion type specified in the third data indicates 
whether to perform encryption and, if the encryption is to be 
performed, indicates one of encryption methods set in 
advance in the message transmitting apparatus. 

6. The message receiving apparatus of claim 1, wherein 
the conversion type specified in the third data indicates 
whether to perform digital signature and, if the digital 
signature is to be performed, indicates one of digital signa- 
ture methods set in advance in the message transmitting 
apparatus. 

7. A message transmitting apparatus for transmitting 
messages to a message receiving apparatus, comprising: 

acquiring means for acquiring first data concerning a use 
condition of the message transmitting apparatus; 

first transmitting means for transmitting the first data to 
the message receiving apparatus; 

receiving means for receiving, from the message receiv- 
ing apparatus, second data for producing a display 
which urges a user to input a message and third data, 
generated according to the first data, for specifying a 
conversion type for secret communication of the mes- 
sage; 

displaying means for producing the display according to 
the second data; 

inputting means for receiving the message inputted by the 
user in response to the display; 

converting means for converting the input message 
according to the third data; and 

second transmitting means for transmitting the converted 
message to the message receiving apparatus, 

wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
within the second data using tags that extend the 
document description language format. 

8. The message transmitting apparatus of claim 7, further 
comprising 

associating means for associating the third data with 
conversion type information that indicates whether to 
perform encryption, which encryption method should 
be used if performing the encryption, whether to per- 
form digital signature, and which digital signature 
method should be used if performing the digital 
signature, 

wherein the converting means converts the input message 
according to the conversion type information associ- 
ated with the third data. 

9. The message transmitting apparatus of claim 8, further 
comprising: 
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preventing means for preventing the third data written 
using the tags from being displayed. 

10. The message transmitting apparatus of claim 8, 

wherein the receiving means receives fourth data showing 
5 key information necessary for performing the encryp- 
tion from the message receiving apparatus together 
with the second data and the third data, and 

wherein the converting means converts the input message 
according to the third data and the fourth data. 
10 11. The message transmitting apparatus of claim 7, 

wherein the conversion type specified in the third data 
indicates whether to perform encryption and, if the 
encryption is to be performed, indicates one of encryp- 
5 tion methods set in advance in the message transmitting 
apparatus. 

12. The message transmitting apparatus of claim 7, 
wherein the conversion type specified in the third data 

indicates whether to perform digital signature and, if 
20 the digital signature is to be performed, indicates one of 
digital signature methods set in advance in the message 
transmitting apparatus. 

13. A message communicating method for communicat- 
ing messages between a message transmitting apparatus and 

25 a message receiving apparatus, comprising: 

an acquiring step for acquiring first data concerning a use 
condition of the message transmitting apparatus in the 
message transmitting apparatus; 
a first communicating step for transmitting the first data 
30 from the message transmitting apparatus to the message 
receiving apparatus; 
a first generating step for generating, in the message 
receiving apparatus, second data for producing a dis- 
play which urges a user of the message transmitting 
35 apparatus to input a message; 

a second generating step for generating third data in the 
message receiving apparatus for specifying a conver- 
sion type for secret communication of the message 
40 according to the first data; 

a second communication step for transmitting the second 
data and the third data from the message receiving 
apparatus to the message transmitting apparatus; 
a displaying step for producing the display in the message 
45 transmitting apparatus according to the second data; 
an inputting step for receiving the message inputted by the 
user in response to the display in the message trans- 
mitting apparatus;, 
a converting step for converting the input message in the 
50 message transmitting apparatus according to the third 
data; and 

a third communicating step for transmitting the converted 
message from the message transmitting apparatus to the 
55 message receiving apparatus, 

wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
within the second data using tags that extend the 
document description language format. 
60 14. A message receiving method for receiving messages 
from a message transmitting apparatus, comprising: 

a first receiving step for receiving first data concerning a 
use condition of the message transmitting apparatus 
from the message transmitting apparatus; 
65 a first generating step for generating second data for 
producing a display which urges a user of the message 
transmitting apparatus to input a message; 
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a second generating step for generating third data for 
specifying a conversion type for secret communication 
of the message according to the received first data; 

a transmitting step for transmitting the second data and 
the third data to the message transmitting apparatus; 5 
and 

a second receiving step for receiving the message from 
the message transmitting apparatus after trie second 
data and the third data have been transmitted to the 
message transmitting apparatus, 10 

wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
within the second data using tags that extend the 
document description language format. s 

15. A message transmitting method for transmitting mes- 
sages to a message receiving apparatus, comprising: 

an acquiring step for acquiring first data concerning a use 
condition of the message transmitting apparatus; 

a first transmitting step for transmitting the first data to the 20 
message receiving apparatus; 

a receiving step for receiving, from the message receiving 
apparatus, second data for producing a display which 
urges a user to input a message and third data, gener- 
ated according to the first data, for specifying a con- 25 
version type for secret communication of the message; 

a displaying step for producing the display according to 
the second data; 

an inputting step for receiving the message inputted by the 3Q 
user in response to the display; 

a converting step for converting the input message 
according to the third data; and 

a second transmitting step for transmitting the converted 
message to the message receiving apparatus, 35 

wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
within the second data using tags that extend the 
document description language format. 

16. A computer-readable storage medium storing a pro- 40 
gram that when implemented on a computer will realize a 
message receiving apparatus for receiving messages from a 
message transmitting apparatus, the program comprising: 

a first receiving step for receiving first data concerning a 
use condition of the message transmitting apparatus 45 
from the message transmitting apparatus; 
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a first generating step for generating second data for 
producing a display which urges a user of the message 
transmitting apparatus to input a message; 

a second generating step for generating third data for 
specifying a conversion type for secret communication 
of the message according to the received first data; 

a transmitting step for transmitting the second data and 
the third data to the message transmitting apparatus; 
and 

a second receiving step for receiving the message from 
the message transmitting apparatus after the second 
data and the third data have been transmitted to the 
message transmitting apparatus, 

wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
within the second data using tags that extend the 
document description language format. 

17, A computer-readable storage medium storing a pro- 
gram that when implemented on a computer will realize a 
message transmitting apparatus for transmitting messages to 
a message receiving apparatus, the program comprising: 

an acquiring step for acquiring first data concerning a use 
condition of the message transmitting apparatus; 

a first transmitting step for transmitting the first data to the 
message receiving apparatus; 

a receiving step for receiving, from the message receiving 
apparatus, second data for producing a display which 
urges a user to input a message and third data, gener- 
ated according to the first data, for specifying a con- 
version type for secret communication of the message; 

a displaying step for producing the display according to 
the second data; 

an inputting step for receiving the message inputted by the 
user in response to the display; 

a converting step for converting the input message 
according to the third data; and 

a second transmitting step for transmitting the converted 
message to the message receiving apparatus, 

wherein the second data is written in a document descrip- 
tion language format, and the third data is written 
within the second data using tags that extend the 
document description language format. 

***** 
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